Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Sensis update – the advertisements are gone

November 13th 2007 in Uncategorized

Both of the Sensir URLs mentioned earlier in the article are now 404 – that’s a good thing.


medrx.sensis.com.au/content/SkyAuction/106804/skyauction_300x250.swf  – dead


medrx.sensis.com.au/content/SkyAuction/106804/skyauction_728x90.swf – dead


Now, if only we could get the problems in the USA and UK cleaned up as easily – I’ll be posting later about very similar redirects that are hitting visitors to allmusic.com and another site as soon as I get the chance to catch my breath and analyse the network captures that have been sent to me via email.


Now, a word of warning.  Sensis and all other sites are going to have to be very careful going forward.  The MalwareAlarm hijacks are hitting sites all over the world – the USA, the UK and now Australia.  There is simply no alternative to doing what is necessary to set up the infrastructure and expertise to decompile and examine each and every Flash creative that is submitted for display on their sites.  Unless and until such steps are taking, such infiltrations as happened to Sensis and so many other sites and advertising networks will continue to happen.


You may wish to review this link to help understand why this stuff gets into the advertising networks in the first place:

Winfixer hide ‘n’ seek: explaining why some people see the ads, and some people don’t
http://msmvps.com/blogs/spywaresucks/archive/2007/08/24/1134527.aspx


 


One comment to...
“Sensis update – the advertisements are gone”

Gary Doughty
wrote on November 26th, 2007      

Just to be clear, Skyauction.com had no part in the creation and distribution of these ads.

Skyauction.com is a victim along with the general public in this situation as the reputation of Skyauction is damaged by this type of malicious behavior.

These “ads” are not associated with any advertising campaign ever used by Skyauction.com The ads were created by some third party by stealing the logo from the Skyauction web site and have a completely different design from Skyauction’s approved ad campaigns. In addition, Skyauction has no affiliation with the company that served the ads, Sensis.


The local Sensis branch is closed, so I had to call the 1800 number.
Sensis staff now have a Fiddler capture from me that proves that the redirect is occurring, they have my cell phone number, and my email address, and they have information about my various blog posts about this incident.
Now we wait and see how long […]

Previous Entry

…and they say thank you.

Next Entry

Archives